The security threats of downloading Android application are turning a new leave following the discovery of Dvmap Trojan and users like game lovers must be careful.
The Russian antivirus firm, Kaspersky Labs first discovered the Dvmap Trojan in April, and made it known to Google, without hesitation, removed the malware from the Play Store.
The new report from “The Register,” says Dvmap Trojan, which is mostly found in several games in Google Play for months recorded about 50,000 installations.
How Dvmap Operates
The report says “installs its malicious modules while also injecting hostile code into the system runtime libraries.”
This means after the sophisticated malware finds root access and leaving its infections, it then patches root to cover its tracks.
Sadly, the malware, Dvmap could work on the Android 64-bit version.
Typically, before you install an application on your smartphone, the Google verification security feature verifies your app to make sure it’s safe. This is not the case with Dvmap, it violates.
It automatically disables Google’s Verify Apps security feature. That increases the risk of infection.
According to Kaspersky, which first discovered the malicious malware, Dvmap is still in the initial phase of testing.
“The modules were always sending reports back to the malware’s authors,” says Kaspersky Labs.
The bad guys that created Dvmap Trojan usually upload a “safe” app on Google Play, and occasionally infiltrate it with the malicious components as update for a a limited time frame and subsequently replace it with a safe version again.
According to Kaspersky, the objective of the sophisticated malware is to speed up the installation of applications with root level having the proper access from third party stores.
“Dvmap could serve ads and execute downloaded files delivered from a remote server. Meanwhile, the server connection, no files were sent during its testing, again implying Dvmap was not fully operational.
“The introduction of code injection capability is a dangerous new development in mobile malware,” Kaspersky told The Register.
“Since the approach can be used to execute malicious modules even with root access deleted, any security solutions and banking apps with root-detection features that are installed after infection won’t spot the presence of the malware.”
When discovered in April, some of the malicious applications including Dvmap were not mentioned, Kaspersky then suggests to anyone who may have been infected by the malware to have a data backup and factory reset.
“So if you downloaded a game in the last few months that has now been pulled from Google Play, you might want to follow their advice just in case.”